Enterprise App Protection (EAP) – Advanced Phishing Defense
Protect yourself and your organization from phishing attacks that impersonate common enterprise applications like DocuSign, Salesforce, Microsoft 365, and hundreds more.
What This Extension Does
Automatically scans links in your browser and emails in real time
Alerts you when a link claims to be from a trusted enterprise app but leads to an unofficial domain
Uses Google Safe Browsing API to detect phishing and malware threats beyond known fake domains
Maintains an up-to-date database of legitimate enterprise application domains
Detects dynamically added links (e.g., in Outlook Web, Teams, SharePoint)
Works with 150+ enterprise applications
Functions completely offline after initial setup (except for Safe Browsing checks)
How It Works
- 1
Scans all links and detects if any enterprise applications are mentioned
- 2
Verifies if the associated links actually go to official domains
- 3
Checks Google Safe Browsing to detect malware and phishing links not in its internal database
- 4
Detects links inside dynamically loaded content
- 5
Shows a clear warning if a potential impersonation attempt is detected
Privacy & Security
- ✓
Zero Data Collection: This extension does not collect, store, or transmit any personal data, browsing history, or email content.
- ✓
Completely Offline: After initial installation, all domain checks are performed locally on your device.
- ✓
No Cloud Processing: All link analysis happens directly in your browser.
- ✓
Uses Google Safe Browsing API: Checks URLs against Google's real-time phishing and malware database.
- ✓
Open Source: All code is available for review.
What This Extension Doesn't Do
- ✗
Does NOT access, read, or store your email content or attachments.
- ✗
Does NOT track your browsing history.
- ✗
Does NOT require an account or registration.
- ✗
Does NOT send any data back to our servers.
- ✗
Does NOT modify or alter any content—it only shows warnings.
- ✗
Does NOT prevent you from visiting any websites.
Trusted & Blocked Domains
- 1
Open the extension options page.
- 2
Add or remove domains under "Trusted Domains" or "Blocked Domains".
- 3
Click "Update Database" to apply changes.
Google Safe Browsing API
This extension integrates with Google Safe Browsing to detect additional phishing and malware sites. If Google does not recognize a site as unsafe, it will not be flagged unless it is in the blocked domains list.
Report new phishing domains to GooglePerfect For
- •
Business professionals who regularly use enterprise applications
- •
IT security teams looking to protect their organizations
- •
Anyone concerned about phishing attacks targeting business services
- •
Organizations using multiple cloud-based enterprise applications
- •
Microsoft 365 users (Outlook, Teams, SharePoint) who want extra security
System Requirements
- •
Google Chrome 88+ / Microsoft Edge 88+
- •
Works with Microsoft Outlook Web, Teams, and SharePoint
- •
Internet connection required for Safe Browsing checks (optional)
Troubleshooting
Why is a suspicious site not flagged?
- •
It might not be in the domains.json database.
- •
Google Safe Browsing does not recognize it as a phishing site.
- •
The domain may be a legitimate subdomain of an official service.
Why is a link incorrectly flagged?
- •
If the link contains a word matching an app name but is not actually phishing.
- •
You can add the domain to "Trusted Domains" in the options page.
Latest Updates
Dynamic Link Scanning: Detects phishing links inside emails, Teams, and SharePoint without reloading the page.
Google Safe Browsing Support: Detects additional phishing sites beyond known fake domains.
Improved Matching: Ensures only full app names trigger warnings.
Optimized Performance: No duplicate warnings, reduced false positives.
No More Debugging Logs: Production-ready version with clean console logs.
Screenshots
